github.com/google/syzkaller@v0.0.0-20251211124644-a066d2bc4b02/tools/create-buildroot-image.sh (about)

     1  #!/usr/bin/env bash
     2  # Copyright 2021 syzkaller project authors. All rights reserved.
     3  # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
     4  
     5  # This script builds a buildroot-based Linux image.
     6  # It should be run from a buildroot checkout (git://git.buildroot.net/buildroot) as:
     7  # TARGETARCH={amd64,arm64,arm,riscv64,s390x,mips64le,ppc64le} [NOMAKE=yes] create-buildroot-image.sh
     8  # If no NOMAKE=yes is specified, then it will just prepare the buildroot config,
     9  # but will not run the final make.
    10  # For amd64 and arm64 it creates a bootable image with root partition
    11  # on /dev/sda1 in output/images/disk.img file.
    12  # For other architectures it creates a non-bootable disk
    13  # suitable qemu injected boot with root partition on /dev/sda
    14  # in output/images/rootfs.ext4 file.
    15  # Note: the image requires at least kernel v4.19
    16  # (otherwise glibc complains about unsupported kernel version).
    17  
    18  set -eux
    19  
    20  NOMAKE="${NOMAKE:-}"
    21  TARGETARCH="${TARGETARCH:-amd64}"
    22  case "$TARGETARCH" in
    23  	amd64)
    24  		DEFCONFIG="pc_x86_64_bios_defconfig";;
    25  	arm64)
    26  		DEFCONFIG="aarch64_efi_defconfig";;
    27  	arm)
    28  		DEFCONFIG="qemu_arm_vexpress_defconfig";;
    29  	riscv64)
    30  		DEFCONFIG="qemu_riscv64_virt_defconfig";;
    31  	s390x)
    32  		DEFCONFIG="qemu_s390x_defconfig";;
    33  	mips64le)
    34  		DEFCONFIG="qemu_mips64r6el_malta_defconfig";;
    35  	ppc64le)
    36  		DEFCONFIG="qemu_ppc64le_pseries_defconfig";;
    37  	*)
    38  		echo "unsupported TARGETARCH=${TARGETARCH}"
    39  		exit 1;;
    40  esac
    41  
    42  git fetch origin
    43  git checkout 2025.02.1
    44  
    45  make "${DEFCONFIG}"
    46  
    47  # Common configs for all architectures.
    48  cat >>.config <<EOF
    49  BR2_TARGET_GENERIC_HOSTNAME="syzkaller"
    50  BR2_TARGET_GENERIC_ISSUE="syzkaller"
    51  BR2_ROOTFS_POST_FAKEROOT_SCRIPT="./rootfs_script.sh"
    52  BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
    53  BR2_PACKAGE_DHCPCD=y
    54  BR2_PACKAGE_OPENSSH=y
    55  
    56  # This slows down boot.
    57  # BR2_PACKAGE_URANDOM_SCRIPTS is not set
    58  
    59  BR2_TARGET_ROOTFS_EXT2_SIZE="1G"
    60  # Slightly more interesting and realistic options.
    61  BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS="-O 64bit,ext_attr,encrypt,extents,huge_file,flex_bg,dir_nlink,sparse_super,resize_inode,has_journal"
    62  
    63  # Install firmware for USB devices we can connect during fuzzing.
    64  BR2_PACKAGE_LINUX_FIRMWARE=y
    65  BR2_PACKAGE_LINUX_FIRMWARE_MEDIATEK_MT7650=y
    66  BR2_PACKAGE_LINUX_FIRMWARE_MEDIATEK_MT7601U=y
    67  BR2_PACKAGE_LINUX_FIRMWARE_MEDIATEK_MT7610E=y
    68  BR2_PACKAGE_LINUX_FIRMWARE_MEDIATEK_MT76X2E=y
    69  BR2_PACKAGE_LINUX_FIRMWARE_AR3012_USB=y
    70  BR2_PACKAGE_LINUX_FIRMWARE_BRCM_BCM43XX=y
    71  BR2_PACKAGE_LINUX_FIRMWARE_BRCM_BCM43XXX=y
    72  BR2_PACKAGE_LINUX_FIRMWARE_LIBERTAS_USB8388_V9=y
    73  BR2_PACKAGE_LINUX_FIRMWARE_LIBERTAS_USB8388_OLPC=y
    74  BR2_PACKAGE_LINUX_FIRMWARE_LIBERTAS_USB_THINFIRM=y
    75  BR2_PACKAGE_LINUX_FIRMWARE_MWIFIEX_USB8797=y
    76  BR2_PACKAGE_LINUX_FIRMWARE_MWIFIEX_USB8801=y
    77  BR2_PACKAGE_LINUX_FIRMWARE_MWIFIEX_USB8897=y
    78  BR2_PACKAGE_LINUX_FIRMWARE_RALINK_RT61=y
    79  BR2_PACKAGE_LINUX_FIRMWARE_RALINK_RT73=y
    80  BR2_PACKAGE_LINUX_FIRMWARE_RALINK_RT2XX=y
    81  BR2_PACKAGE_LINUX_FIRMWARE_AS102=y
    82  BR2_PACKAGE_LINUX_FIRMWARE_DIB0700=y
    83  BR2_PACKAGE_LINUX_FIRMWARE_ITETECH_IT9135=y
    84  BR2_PACKAGE_LINUX_FIRMWARE_CX231XX=y
    85  BR2_PACKAGE_LINUX_FIRMWARE_QUALCOMM_WIL6210=y
    86  # This one we could use, but it breaks buildroot:
    87  # Makefile.legacy:9: *** You have legacy configuration in your .config! Please check your configuration.
    88  # BR2_PACKAGE_LINUX_FIRMWARE_ATHEROS_10K_QCA6174=y
    89  BR2_PACKAGE_LINUX_FIRMWARE_ATHEROS_10K_QCA998X=y
    90  BR2_PACKAGE_LINUX_FIRMWARE_ATHEROS_10K_QCA9377=y
    91  BR2_PACKAGE_ZD1211_FIRMWARE=y
    92  
    93  # These packages seem to enable rfkill (and are unnecessary).
    94  # BR2_PACKAGE_CONNMAN is not set
    95  # BR2_PACKAGE_WPA_SUPPLICANT is not set
    96  
    97  # These packages enable SELinux policy.
    98  BR2_PACKAGE_LIBSELINUX=y
    99  BR2_PACKAGE_REFPOLICY=y
   100  BR2_PACKAGE_REFPOLICY_POLICY_STATE_PERMISSIVE=y
   101  # BR2_PACKAGE_REFPOLICY_POLICY_STATE_ENFORCING is not set
   102  # BR2_PACKAGE_REFPOLICY_POLICY_STATE_DISABLED is not set
   103  EOF
   104  
   105  # Per-arch config fragments.
   106  case "$TARGETARCH" in
   107          amd64)
   108  		cat >>.config <<EOF
   109  BR2_TARGET_GENERIC_GETTY_PORT="ttyS0"
   110  BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
   111  BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="board/qemu/x86_64/linux.config"
   112  # This is used to create some device links in devfs (see udev rules below),
   113  # but this is too slow for emulated architectures.
   114  BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
   115  EOF
   116  ;;
   117          arm64)
   118                  cat >>.config <<EOF
   119  BR2_cortex_a57=y
   120  BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
   121  BR2_LINUX_KERNEL_IMAGEGZ=y
   122  BR2_LINUX_KERNEL_GZIP=y
   123  BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_10=y
   124  BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.10.235"
   125  BR2_ROOTFS_POST_IMAGE_SCRIPT="board/aarch64-efi/post-image.sh ./post_image_script.sh support/scripts/genimage.sh"
   126  BR2_ROOTFS_POST_SCRIPT_ARGS="-c ./custom-genimage-efi.cfg"
   127  EOF
   128  ;;
   129  	arm)
   130  		cat >>.config <<EOF
   131  # BR2_LINUX_KERNEL is not set
   132  BR2_cortex_a15_a7=y
   133  BR2_TARGET_ROOTFS_EXT2_4=y
   134  EOF
   135  ;;
   136  	s390x)
   137  		cat >>.config <<EOF
   138  # BR2_LINUX_KERNEL is not set
   139  EOF
   140  ;;
   141  	mips64le)
   142  		cat >>.config <<EOF
   143  # BR2_LINUX_KERNEL is not set
   144  EOF
   145  ;;
   146  	ppc64le)
   147  		cat >>.config <<EOF
   148  # BR2_LINUX_KERNEL is not set
   149  EOF
   150  ;;
   151  	riscv64)
   152  		cat >>.config <<EOF
   153  # BR2_LINUX_KERNEL is not set
   154  EOF
   155  ;;
   156  esac
   157  
   158  # Set syslogd level to "critical", otherwise we may get too many unrelated logs (see #5452).
   159  sed -i 's/SYSLOGD_ARGS=""$/SYSLOGD_ARGS="-l 2"/' package/busybox/S01syslogd
   160  
   161  # dhcpd version 10.1.0 fails to start in the presence of CONFIG_SECCOMP.
   162  sed -i 's/DHCPCD_VERSION = 10.1.0$/DHCPCD_VERSION = 10.2.0/' package/dhcpcd/dhcpcd.mk
   163  if ! grep -q "dhcpcd-10.2.0.tar.xz" package/dhcpcd/dhcpcd.hash; then
   164    echo "sha256 7916fed1560835b5b9d70d27604c3858e501c5a177eef027f96eb7ab0f711399 dhcpcd-10.2.0.tar.xz" >> package/dhcpcd/dhcpcd.hash
   165  fi
   166  
   167  # This script modifies the target root filesystem
   168  # before it's packed into the final image.
   169  # This part is common for all architectures.
   170  cat >rootfs_script.sh <<'EOFEOF'
   171  set -eux
   172  
   173  # Mount /dev right after / is mounted.
   174  sed -Ei '/\/dev\/pts/i ::sysinit:/bin/mount -t devtmpfs devtmpfs /dev' $1/etc/inittab
   175  
   176  # Mount debugfs for KCOV and other filesystems.
   177  cat >>$1/etc/fstab <<EOF
   178  debugfs /sys/kernel/debug debugfs defaults 0 0
   179  securityfs /sys/kernel/security securityfs defaults 0 0
   180  configfs /sys/kernel/config/ configfs defaults 0 0
   181  binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0
   182  smackfs /sys/fs/smackfs smackfs defaults 0 0
   183  selinuxfs /sys/fs/selinux selinuxfs defaults 0 0
   184  fusectl /sys/fs/fuse/connections fusectl defaults 0 0
   185  pstore /sys/fs/pstore pstore defaults 0 0
   186  bpf /sys/fs/bpf bpf defaults 0 0
   187  tracefs /sys/kernel/tracing tracefs defaults 0 0
   188  EOF
   189  
   190  # Setup ssh without key/password.
   191  cat >$1/etc/ssh/sshd_config <<EOF
   192  PermitRootLogin yes
   193  PasswordAuthentication yes
   194  PermitEmptyPasswords yes
   195  ClientAliveInterval 420
   196  Subsystem	sftp	/usr/libexec/sftp-server
   197  EOF
   198  
   199  # Generate sshd host keys.
   200  ssh-keygen -A -f $1
   201  mkdir -p $1/var/db/dhcpcd
   202  
   203  EOFEOF
   204  
   205  # Per-arch part of the rootfs script.
   206  case "$TARGETARCH" in
   207  	amd64)
   208  cat >>rootfs_script.sh <<'EOFEOF'
   209  
   210  # Write udev rules.
   211  cat >$1/etc/udev/rules.d/50-syzkaller.rules <<EOF
   212  ATTR{name}=="vim2m", SYMLINK+="vim2m"
   213  SUBSYSTEMS=="pci", DRIVERS=="i915", SYMLINK+="i915"
   214  EOF
   215  
   216  # Override default grub config with timeout 0.
   217  cat >$1/boot/grub/grub.cfg <<EOF
   218  set default="0"
   219  set timeout="0"
   220  menuentry "syzkaller" {
   221  	linux /boot/bzImage root=/dev/sda1 console=ttyS0
   222  }
   223  EOF
   224  EOFEOF
   225  ;;
   226          arm64)
   227  cat >post_image_script.sh <<'EOFEOF'
   228  cat >${BINARIES_DIR}/efi-part/EFI/BOOT/grub.cfg <<EOF
   229  set default="0"
   230  set timeout="0"
   231  menuentry "syzkaller" {
   232  	linux /Image.gz root=PARTLABEL=root enforcing=0 console=ttyS0
   233  }
   234  EOF
   235  EOFEOF
   236  ;;
   237  esac
   238  
   239  # Adjust consts in buildroot source files.
   240  case "$TARGETARCH" in
   241    arm64)
   242      cp board/aarch64-efi/genimage-efi.cfg custom-genimage-efi.cfg
   243      # 64 MB is too small for our large images.
   244      sed -i 's/size = 64M/size = 256M/g' custom-genimage-efi.cfg
   245      # Also, use compressed images.
   246      sed -i 's/Image/Image.gz/g' custom-genimage-efi.cfg
   247      ;;
   248  esac
   249  
   250  touch post_image_script.sh  # only created for some archs
   251  chmod u+x rootfs_script.sh post_image_script.sh
   252  
   253  make olddefconfig
   254  
   255  if [[ "$NOMAKE" == "" ]]; then
   256  	make
   257  fi